* add Debian 11 aka Bullseye
* add Debian 11 aka Bullseye to Molecule test
* update README
* added Fedora 34 + removed Fedora 32 support from meta/main.yml
* Debian 11 do not need kernel headers anymore
* remove Fedora 32 from Molecule test / add Fedora 34 + Debian 11 to Molecule test
* add rolename/namespace + make ansible-lint happy in meta/main.yml
* make ansible-lint happy
* (Archlinux) As linux-lts is using kernel 5.10 now there is no need to install wireguard-lts tools any longer (and this package is gone anyway)
* (Debian) fix ansible-lint issues
* update CHANGELOG
* Use Debian backports repositories
Use Debian backports instead of unstable to get wireguard. This is a more
stable solution and has less impact on the system.
Unfortunately a reboot is still required.
* Fix boot paths
* Update Changelog, switch to 7.7.0
* CHANGELOG formatting
* No need to use PPA for Ubuntu 18 any longer
* update CHANGELOG
* Bring back task to install support packages for Ubuntu < 19.10 just to be sure
* Add editor fold sections
* Remove trailing whitespace
* Make the repo compliant with REUSE Specification v3.0
Closes: #71
Email addresses have all been removed from this commit as requested by
githubixx.
* Use common namespace "wireguard" for role facts
* Fix typo
* Explicitly state that GPL-3.0-or-later applies
Closes: #72
Add macOS details in the README
Fix Archlinux spelling
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
Remove additional linux.yml file, use conditional block instead
Add CHANGELOG entry
Bump to 7.2.0 in CHANGELOG
Invert OS check on Darwin instead of Linux
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* Add support for unmanaged WireGuard peers
Add variable wireguard_extra_peer_config that is raw WireGuard
configuration appended to the peers section. Value is a string
containing arbitrary wg-quick syntax.
This closes#41, and closes#45.
* update CHANGELOG (#63)
* Change unmanaged peers to dictionary instead of string
Based on review comment by @j8r in #63.
* README: update preshared_key example
Update wireguard_unmanaged_peers example for preshared_key.
Make it a comment to highlight it is optional and should probably be handled
like other secrets.
* Clean up jinja2 syntax
Based on review comments.
* Remove unneeded if of required public_key
The public_key is required for a wireguard peer so remove the if from
wireguard_unmanaged_peers public_key. The effect is that it is a syntax
error from Ansible rather than failing config validation when the config
has already been written and fails to load.
* Switched to ELRepo for Centos (#50)
- added switch to differentiate setup of Centos7/8
- replaced old repository by officialy recomended
- added step to remove old dkms wireguard package
- switched to install KMOD wireguard package
* Updated CHANGELOG after switching to ELRepo for Centos
* Update CHANGELOG.md
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* Updted CHANGELOG: added notice about old wireguard Centos repository removal
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* Changes wireguard apt repo to buster-backports
* Add repo only on buster or earlier
* No apt pin needed, backports has lower priority than main distribution
* Update CHANGELOG.md
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* Clarify effects of updating on system state
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* merge stateless with no storage of local priv key
* Delete locally stored private key
* add reload module on update config file
* privatekey template is not used anymore
* remove all local keys priv and public
* use ansible_play_hosts instead of hardcoded vpn grp
should use the group in the play calling the role.
works fine when hosts bellong to several groups
* Clean tasks names
* add tag, and cleanup
* fix private key creation
* Support for mutliple wireguard vpn on same host
add inventory exemple in readme
* fix typo, add some comment on inventory
* add wg-config tag to Check config:
allow run with -t - wg-config
* Update tasks/main.yml
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* remove trailing whitespace
* Update templates/wg.conf.j2
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* Update templates/wg.conf.j2
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* changes after githubixx code review
* readd new line to separate peers in config
Robert Wimmer